17 matches found
GHSA-QV7W-V773-3XQM sm-crypto Affected by Signature Malleability in SM2-DSA
Summary A signature malleability vulnerability exists in the SM2 signature verification logic of the sm-crypto library. An attacker can derive a new valid signature for a previously signed message from an existing signature. Credit This vulnerability was discovered by: - XlabAI Team of Tencent...
GHSA-PGX9-497M-6C4V sm-crypto Affected by Private Key Recovery in SM2-PKE
Summary A private key recovery vulnerability exists in the SM2 decryption logic of sm-crypto. By interacting with the SM2 decryption interface multiple times, an attacker can fully recover the private key within approximately several hundred interactions. Credit This vulnerability was discovered...
PT-2026-3894
Name of the Vulnerable Software and Affected Versions sm-crypto versions prior to 0.3.14 Description The sm-crypto library, providing JavaScript implementations of Chinese cryptographic algorithms SM2, SM3, and SM4, contains a signature malleability issue in its SM2 signature verification logic. ...
PT-2026-3893
Name of the Vulnerable Software and Affected Versions sm-crypto versions prior to 0.3.14 Description sm-crypto, a JavaScript library providing implementations of Chinese cryptographic algorithms SM2, SM3, and SM4, contains a flaw in the SM2 decryption logic. An attacker can recover the private ke...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 4 security fixes: 324596281 High CVE-2024-1938: Type Confusion in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8 on 2024-02-11 323694592 High CVE-2024-1939: Type Confusion in V8. Reported by Bohan Liu @P4nda20371774 of Tencent Security Xuanwu Lab on...
About the security content of iCloud for Windows 7.9 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
FreeBSD : chromium -- vulnerability (36ff7a74-47b1-11e8-a7d6-54e1ad544088)
Google Chrome Releases reports : 62 security fixes in this release : - 826626 Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28 - 827492 Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30 - 813876 High...
OpenJPEG - mqc.c Heap-Based Buffer Overflow Exploit
Exploit for linux platform in category dos / poc DESCRIPTION An Out-of-Bounds Write issue can be occurred in function opjmqcbyteout of mqc.c during executing opjcompress. This issue was caused by a malformed BMP file. CREDIT This vulnerability was discovered by Ke Liu of Tencent's Xuanwu LAB...
OpenJPEG - mqc.c Heap Buffer Overflow
OpenJPEG - mqc.c Heap Buffer Overflow DESCRIPTION An Out-of-Bounds Write issue can be occurred in function opjmqcbyteout of mqc.c during executing opjcompress. This issue was caused by a malformed BMP file. CREDIT This vulnerability was discovered by Ke Liu of Tencent's Xuanwu LAB. TESTED VERSION...
OpenJPEG - 'mqc.c' Heap Buffer Overflow
DESCRIPTION An Out-of-Bounds Write issue can be occurred in function opjmqcbyteout of mqc.c during executing opjcompress. This issue was caused by a malformed BMP file. CREDIT This vulnerability was discovered by Ke Liu of Tencent's Xuanwu LAB. TESTED VERSION Master version of OpenJPEG 805972f,...
Internet Bug Bounty: PHP Integer Overflow in gdImageWebpCtx
PHP Integer Overflow in gdImageWebpCtx 1. Affected Version + PHP 7.0.10 2. Credit This vulnerability was discovered by Ke Liu of Tencent's Xuanwu LAB. 3. Testing Environments + OS: Ubuntu + PHP: 7.0.10 + Compiler: Clang + CFLAGS: -g -O0 -fsanitize=address 4. PoC 5. Vulnerability Details...
Internet Bug Bounty: CVE-2016-7418 PHP Out-Of-Bounds Read in php_wddx_push_element
CVE-2016-7418 PHP Out-Of-Bounds Read in phpwddxpushelement 1. Affected Version + PHP 7.0.10 + PHP 5.6.25 2. Credit This vulnerability was discovered by Ke Liu of Tencent's Xuanwu LAB. 3. Testing Environments + OS: Ubuntu + PHP: 7.0.10 + Compiler: Clang + CFLAGS: -g -O0 -fsanitize=address 4. PoC...
Internet Bug Bounty: CVE-2016-3182 OpenJPEG color_esycc_to_rgb Out-of-Bounds Read Vulnerability
CVE-2016-3182 OpenJPEG coloresycctorgb Out-of-Bounds Read Vulnerability 1. About OpenJPEG OpenJPEG is an open-source JPEG 2000 codec written in C language. It's widely used in lots of Linux OSes such as Ubuntu, RedHat, Debian, Fedora, and so on. The official repository of the OpenJPEG project is...
Internet Bug Bounty: CVE-2016-7163 OpenJPEG opj_pi_create_decode Integer Overflow Vulnerability
OpenJPEG opjpicreatedecode Integer Overflow Vulnerability 1. About OpenJPEG OpenJPEG is an open-source JPEG 2000 codec written in C language. It's widely used in lots of Linux OSes such as Ubuntu, RedHat, Debian, Fedora, and so on. The official repository of the OpenJPEG project is available at...
openjpeg -- multiple vulnerabilities
Tencent's Xuanwu LAB reports: A Heap Buffer Overflow Out-of-Bounds Write issue was found in function opjdwtinterleavev of dwt.c. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenJPEG. An integer overflow issue exists in function...
webkit2gtk: multiple issues
CVE-2016-4590 same-origin policy bypass xisigr of Tencents Xuanwu Lab discovered a vulnerability in the way webkit handles URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. - CVE-2016-4591 arbitrary filesystem access ma.la of LINE Corporation discoveered...
Adobe Patches 23 Vulnerabilities in Flash Player
Adobe has released a Flash Player update that addresses 23 critical vulnerabilities in the software, many which can lead to code execution. Version 18.0.0.231 and earlier of Flash Player for Windows and Mac, Microsoft Edge and Internet Explorer 11 in Windows 10, and Internet Explorer 10 and 11, a...